//! # 安全配置模块
//! 
//! 定义安全相关的配置结构，包括认证、授权和加密。

use serde::{Deserialize, Serialize};
use crate::config::{AuthConfig, AuthorizationConfig, EncryptionConfig, PolicyConfig};

/// 安全配置
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct SecurityConfig {
    /// 认证配置
    pub auth: Option<AuthConfig>,
    
    /// 授权配置
    pub authorization: Option<AuthorizationConfig>,
    
    /// 加密配置
    pub encryption: Option<EncryptionConfig>,
}

impl Default for SecurityConfig {
    fn default() -> Self {
        Self {
            auth: None,
            authorization: None,
            encryption: None,
        }
    }
}

/// 认证配置
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct AuthConfig {
    /// 认证类型（basic、bearer、oauth2、jwt）
    pub auth_type: String,
    
    /// 用户名（用于basic认证）
    pub username: Option<String>,
    
    /// 密码（用于basic认证）
    pub password: Option<String>,
    
    /// Token（用于bearer认证）
    pub token: Option<String>,
}

/// 授权配置
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct AuthorizationConfig {
    /// 授权策略
    pub policies: Vec<PolicyConfig>,
}

/// 策略配置
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct PolicyConfig {
    /// 策略名称
    pub name: String,
    
    /// 资源路径
    pub resource: String,
    
    /// 允许的操作
    pub actions: Vec<String>,
    
    /// 角色
    pub roles: Vec<String>,
}

/// 加密配置
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct EncryptionConfig {
    /// 加密算法
    pub algorithm: String,
    
    /// 密钥
    pub key: String,
}